npm - @aws-sdk/client-iam - Versions diffs - 3.262.0 → 3.263.0 - Mend

@aws-sdk/client-iam 3.262.0 → 3.263.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (119) hide show

package/dist-types/commands/AddClientIDToOpenIDConnectProviderCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface AddClientIDToOpenIDConnectProviderCommandOutput extends __Metad
 /**
  * <p>Adds a new client ID (also known as audience) to the list of client IDs already
  *             registered for the specified IAM OpenID Connect (OIDC) provider resource.</p>
- *         <p>This operation is idempotent; it does not fail or return an error if you add an
+ *          <p>This operation is idempotent; it does not fail or return an error if you add an
  *             existing client ID to the provider.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/AddRoleToInstanceProfileCommand.d.ts CHANGED Viewed

@@ -14,11 +14,11 @@ export interface AddRoleToInstanceProfileCommandOutput extends __MetadataBearer
  *             for the change to appear across all of Amazon Web Services because of <a href="https://en.wikipedia.org/wiki/Eventual_consistency">eventual
  *                 consistency</a>. To force the change, you must <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html">disassociate the instance profile</a> and then <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html">associate the
  *                 instance profile</a>, or you can stop your instance and then restart it.</p>
- *         <note>
+ *          <note>
  *             <p>The caller of this operation must be granted the <code>PassRole</code> permission
  *                 on the IAM role by a permissions policy.</p>
- *         </note>
- *         <p>For more information about roles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html">Working with roles</a>. For more
+ *          </note>
+ *          <p>For more information about roles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html">Working with roles</a>. For more
  *             information about instance profiles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html">About instance
  *             profiles</a>.</p>
  * @example

package/dist-types/commands/AttachGroupPolicyCommand.d.ts CHANGED Viewed

@@ -9,12 +9,12 @@ export interface AttachGroupPolicyCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Attaches the specified managed policy to the specified IAM group.</p>
- *         <p>You use this operation to attach a managed policy to a group. To embed an inline
+ *          <p>You use this operation to attach a managed policy to a group. To embed an inline
  *             policy in a group, use <a>PutGroupPolicy</a>.</p>
- *         <p>As a best practice, you can validate your IAM policies.
+ *          <p>As a best practice, you can validate your IAM policies.
  *      To learn more, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html">Validating IAM policies</a>
  *             in the <i>IAM User Guide</i>.</p>
- *         <p>For more information about policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
+ *          <p>For more information about policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
  *                 policies</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/AttachRolePolicyCommand.d.ts CHANGED Viewed

@@ -11,16 +11,16 @@ export interface AttachRolePolicyCommandOutput extends __MetadataBearer {
  * <p>Attaches the specified managed policy to the specified IAM role. When you attach a
  *             managed policy to a role, the managed policy becomes part of the role's permission
  *             (access) policy.</p>
- *         <note>
+ *          <note>
  *             <p>You cannot use a managed policy as the role's trust policy. The role's trust
  *                 policy is created at the same time as the role, using <a>CreateRole</a>.
  *                 You can update a role's trust policy using <a>UpdateAssumeRolePolicy</a>.</p>
- *         </note>
- *         <p>Use this operation to attach a <i>managed</i> policy to a role. To embed
+ *          </note>
+ *          <p>Use this operation to attach a <i>managed</i> policy to a role. To embed
  *             an inline policy in a role, use <a>PutRolePolicy</a>. For more information
  *             about policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
  *                 policies</a> in the <i>IAM User Guide</i>.</p>
- *         <p>As a best practice, you can validate your IAM policies.
+ *          <p>As a best practice, you can validate your IAM policies.
  *      To learn more, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html">Validating IAM policies</a>
  *             in the <i>IAM User Guide</i>.</p>
  * @example

package/dist-types/commands/AttachUserPolicyCommand.d.ts CHANGED Viewed

@@ -9,12 +9,12 @@ export interface AttachUserPolicyCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Attaches the specified managed policy to the specified user.</p>
- *         <p>You use this operation to attach a <i>managed</i> policy to a user. To
+ *          <p>You use this operation to attach a <i>managed</i> policy to a user. To
  *             embed an inline policy in a user, use <a>PutUserPolicy</a>.</p>
- *         <p>As a best practice, you can validate your IAM policies.
+ *          <p>As a best practice, you can validate your IAM policies.
  *      To learn more, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html">Validating IAM policies</a>
  *             in the <i>IAM User Guide</i>.</p>
- *         <p>For more information about policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
+ *          <p>For more information about policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
  *                 policies</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/ChangePasswordCommand.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@ export interface ChangePasswordCommandOutput extends __MetadataBearer {
  *             can be performed using the CLI, the Amazon Web Services API, or the <b>My
  *                 Security Credentials</b> page in the Amazon Web Services Management Console. The Amazon Web Services account root user
  *             password is not affected by this operation.</p>
- *         <p>Use <a>UpdateLoginProfile</a> to use the CLI, the Amazon Web Services API, or the
+ *          <p>Use <a>UpdateLoginProfile</a> to use the CLI, the Amazon Web Services API, or the
  *                 <b>Users</b> page in the IAM console to change the
  *             password for any IAM user. For more information about modifying passwords, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html">Managing
  *                 passwords</a> in the <i>IAM User Guide</i>.</p>

package/dist-types/commands/CreateAccessKeyCommand.d.ts CHANGED Viewed

@@ -10,18 +10,18 @@ export interface CreateAccessKeyCommandOutput extends CreateAccessKeyResponse, _
 /**
  * <p> Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the
  *             specified user. The default status for new keys is <code>Active</code>.</p>
- *         <p>If you do not specify a user name, IAM determines the user name implicitly based on
+ *          <p>If you do not specify a user name, IAM determines the user name implicitly based on
  *             the Amazon Web Services access key ID signing the request. This operation works for access keys under
  *             the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root
  *             user credentials. This is true even if the Amazon Web Services account has no associated users.</p>
- *         <p> For information about quotas on the number of keys you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
+ *          <p> For information about quotas on the number of keys you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
  *                 quotas</a> in the <i>IAM User Guide</i>.</p>
- *         <important>
+ *          <important>
  *             <p>To ensure the security of your Amazon Web Services account, the secret access key is accessible
  *                 only during key and user creation. You must save the key (for example, in a text
  *                 file) if you want to be able to access it again. If a secret key is lost, you can
  *                 delete the access keys for the associated user and then create new keys.</p>
- *         </important>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/CreateGroupCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface CreateGroupCommandOutput extends CreateGroupResponse, __Metadat
 }
 /**
  * <p>Creates a new group.</p>
- *         <p> For information about the number of groups you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
+ *          <p> For information about the number of groups you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
  *                 quotas</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/CreateInstanceProfileCommand.d.ts CHANGED Viewed

@@ -11,7 +11,7 @@ export interface CreateInstanceProfileCommandOutput extends CreateInstanceProfil
  * <p> Creates a new instance profile. For information about instance profiles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html">Using
  *                 roles for applications on Amazon EC2</a> in the
  *                 <i>IAM User Guide</i>, and <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#ec2-instance-profile">Instance profiles</a> in the <i>Amazon EC2 User Guide</i>.</p>
- *         <p> For information about the number of instance profiles you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM object
+ *          <p> For information about the number of instance profiles you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM object
  *                 quotas</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/CreateLoginProfileCommand.d.ts CHANGED Viewed

@@ -10,9 +10,9 @@ export interface CreateLoginProfileCommandOutput extends CreateLoginProfileRespo
 /**
  * <p>Creates a password for the specified IAM user. A password allows an IAM user to
  *             access Amazon Web Services services through the Amazon Web Services Management Console.</p>
- *         <p>You can use the CLI, the Amazon Web Services API, or the <b>Users</b>
+ *          <p>You can use the CLI, the Amazon Web Services API, or the <b>Users</b>
  *             page in the IAM console to create a password for any IAM user. Use <a>ChangePassword</a> to update your own existing password in the <b>My Security Credentials</b> page in the Amazon Web Services Management Console.</p>
- *         <p>For more information about managing passwords, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html">Managing passwords</a> in the
+ *          <p>For more information about managing passwords, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html">Managing passwords</a> in the
  *                 <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/CreateOpenIDConnectProviderCommand.d.ts CHANGED Viewed

@@ -9,43 +9,44 @@ export interface CreateOpenIDConnectProviderCommandOutput extends CreateOpenIDCo
 }
 /**
  * <p>Creates an IAM entity to describe an identity provider (IdP) that supports <a href="http://openid.net/connect/">OpenID Connect (OIDC)</a>.</p>
- *         <p>The OIDC provider that you create with this operation can be used as a principal in a
+ *          <p>The OIDC provider that you create with this operation can be used as a principal in a
  *             role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and
  *             the OIDC provider.</p>
- *         <p>If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't
+ *          <p>If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't
  *             need to create a separate IAM identity provider. These OIDC identity providers are
  *             already built-in to Amazon Web Services and are available for your use. Instead, you can move directly
  *             to creating new roles using your identity provider. To learn more, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html">Creating
  *                 a role for web identity or OpenID connect federation</a> in the <i>IAM
  *                 User Guide</i>.</p>
- *         <p>When you create the IAM OIDC provider, you specify the following:</p>
- *         <ul>
+ *          <p>When you create the IAM OIDC provider, you specify the following:</p>
+ *          <ul>
  *             <li>
- *                 <p>The URL of the OIDC identity provider (IdP) to trust</p>
+ *                <p>The URL of the OIDC identity provider (IdP) to trust</p>
  *             </li>
  *             <li>
- *                 <p>A list of client IDs (also known as audiences) that identify the application
+ *                <p>A list of client IDs (also known as audiences) that identify the application
  *                     or applications allowed to authenticate using the OIDC provider</p>
  *             </li>
  *             <li>
- *                 <p>A list of thumbprints of one or more server certificates that the IdP
+ *                <p>A list of thumbprints of one or more server certificates that the IdP
  *                     uses</p>
  *             </li>
  *          </ul>
- *         <p>You get all of this information from the OIDC IdP you want to use to access
+ *          <p>You get all of this information from the OIDC IdP you want to use to access
  *             Amazon Web Services.</p>
- *         <note>
+ *          <note>
  *             <p>Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our
  *             library of trusted certificate authorities (CAs) instead of using a certificate
- *             thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and
- *             those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these
- *             cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.</p>
+ *             thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0,
+ *             and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these
+ *             cases, your legacy thumbprint remains in your configuration, but is no longer used for
+ *             validation.</p>
  *          </note>
- *         <note>
+ *          <note>
  *             <p>The trust for the OIDC provider is derived from the IAM provider that this
  *                 operation creates. Therefore, it is best to limit access to the <a>CreateOpenIDConnectProvider</a> operation to highly privileged
  *                 users.</p>
- *         </note>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/CreatePolicyCommand.d.ts CHANGED Viewed

@@ -9,14 +9,14 @@ export interface CreatePolicyCommandOutput extends CreatePolicyResponse, __Metad
 }
 /**
  * <p>Creates a new managed policy for your Amazon Web Services account.</p>
- *         <p>This operation creates a policy version with a version identifier of <code>v1</code>
+ *          <p>This operation creates a policy version with a version identifier of <code>v1</code>
  *             and sets v1 as the policy's default version. For more information about policy versions,
  *             see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html">Versioning for managed policies</a> in the
  *                 <i>IAM User Guide</i>.</p>
- *         <p>As a best practice, you can validate your IAM policies.
+ *          <p>As a best practice, you can validate your IAM policies.
  *      To learn more, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html">Validating IAM policies</a>
  *             in the <i>IAM User Guide</i>.</p>
- *         <p>For more information about managed policies in general, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed
+ *          <p>For more information about managed policies in general, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed
  *                 policies and inline policies</a> in the
  *             <i>IAM User Guide</i>.</p>
  * @example

package/dist-types/commands/CreatePolicyVersionCommand.d.ts CHANGED Viewed

@@ -11,10 +11,10 @@ export interface CreatePolicyVersionCommandOutput extends CreatePolicyVersionRes
  * <p>Creates a new version of the specified managed policy. To update a managed policy, you
  *             create a new policy version. A managed policy can have up to five versions. If the
  *             policy has five versions, you must delete an existing version using <a>DeletePolicyVersion</a> before you create a new version.</p>
- *         <p>Optionally, you can set the new version as the policy's default version. The default
+ *          <p>Optionally, you can set the new version as the policy's default version. The default
  *             version is the version that is in effect for the IAM users, groups, and roles to which
  *             the policy is attached.</p>
- *         <p>For more information about managed policy versions, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html">Versioning for managed
+ *          <p>For more information about managed policy versions, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html">Versioning for managed
  *                 policies</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/CreateSAMLProviderCommand.d.ts CHANGED Viewed

@@ -10,20 +10,20 @@ export interface CreateSAMLProviderCommandOutput extends CreateSAMLProviderRespo
 /**
  * <p>Creates an IAM resource that describes an identity provider (IdP) that supports SAML
  *             2.0.</p>
- *         <p>The SAML provider resource that you create with this operation can be used as a
+ *          <p>The SAML provider resource that you create with this operation can be used as a
  *             principal in an IAM role's trust policy. Such a policy can enable federated users who
  *             sign in using the SAML IdP to assume the role. You can create an IAM role that
  *             supports Web-based single sign-on (SSO) to the Amazon Web Services Management Console or one that supports API access
  *             to Amazon Web Services.</p>
- *         <p>When you create the SAML provider resource, you upload a SAML metadata document that
+ *          <p>When you create the SAML provider resource, you upload a SAML metadata document that
  *             you get from your IdP. That document includes the issuer's name, expiration information,
  *             and keys that can be used to validate the SAML authentication response (assertions) that
  *             the IdP sends. You must generate the metadata document using the identity management
  *             software that is used as your organization's IdP.</p>
- *         <note>
+ *          <note>
  *             <p> This operation requires <a href="https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Signature Version 4</a>.</p>
- *         </note>
- *         <p> For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html">Enabling SAML 2.0
+ *          </note>
+ *          <p> For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html">Enabling SAML 2.0
  *                 federated users to access the Amazon Web Services Management Console</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html">About SAML 2.0-based
  *                 federation</a> in the <i>IAM User Guide</i>.</p>
  * @example

package/dist-types/commands/CreateServiceLinkedRoleCommand.d.ts CHANGED Viewed

@@ -15,7 +15,7 @@ export interface CreateServiceLinkedRoleCommandOutput extends CreateServiceLinke
  *             improve service stability and proper cleanup when a service and its role are no longer
  *             needed. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html">Using service-linked
  *                 roles</a> in the <i>IAM User Guide</i>. </p>
- *         <p>To attach a policy to this service-linked role, you must make the request using the
+ *          <p>To attach a policy to this service-linked role, you must make the request using the
  *             Amazon Web Services service that depends on this role.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/CreateServiceSpecificCredentialCommand.d.ts CHANGED Viewed

@@ -11,12 +11,12 @@ export interface CreateServiceSpecificCredentialCommandOutput extends CreateServ
  * <p>Generates a set of credentials consisting of a user name and password that can be used
  *             to access the service specified in the request. These credentials are generated by
  *             IAM, and can be used only for the specified service. </p>
- *         <p>You can have a maximum of two sets of service-specific credentials for each supported
+ *          <p>You can have a maximum of two sets of service-specific credentials for each supported
  *             service per user.</p>
- *         <p>You can create service-specific credentials for CodeCommit and Amazon Keyspaces (for Apache
+ *          <p>You can create service-specific credentials for CodeCommit and Amazon Keyspaces (for Apache
  *             Cassandra).</p>
- *         <p>You can reset the password to a new service-generated value by calling <a>ResetServiceSpecificCredential</a>.</p>
- *         <p>For more information about service-specific credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html">Using IAM
+ *          <p>You can reset the password to a new service-generated value by calling <a>ResetServiceSpecificCredential</a>.</p>
+ *          <p>For more information about service-specific credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html">Using IAM
  *                 with CodeCommit: Git credentials, SSH keys, and Amazon Web Services access keys</a> in the
  *                 <i>IAM User Guide</i>.</p>
  * @example

package/dist-types/commands/CreateUserCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface CreateUserCommandOutput extends CreateUserResponse, __MetadataB
 }
 /**
  * <p>Creates a new IAM user for your Amazon Web Services account.</p>
- *         <p> For information about quotas for the number of IAM users you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
+ *          <p> For information about quotas for the number of IAM users you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
  *                 quotas</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/CreateVirtualMFADeviceCommand.d.ts CHANGED Viewed

@@ -12,15 +12,15 @@ export interface CreateVirtualMFADeviceCommandOutput extends CreateVirtualMFADev
  *             MFA, use <a>EnableMFADevice</a> to attach the MFA device to an IAM user.
  *             For more information about creating and working with virtual MFA devices, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html">Using a virtual MFA
  *                 device</a> in the <i>IAM User Guide</i>.</p>
- *         <p>For information about the maximum number of MFA devices you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
+ *          <p>For information about the maximum number of MFA devices you can create, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html">IAM and STS
  *                 quotas</a> in the <i>IAM User Guide</i>.</p>
- *         <important>
+ *          <important>
  *             <p>The seed information contained in the QR code and the Base32 string should be
  *                 treated like any other secret access information. In other words, protect the seed
  *                 information as you would your Amazon Web Services access keys or your passwords. After you
  *                 provision your virtual device, you should ensure that the information is destroyed
  *                 following secure procedures.</p>
- *         </important>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeactivateMFADeviceCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface DeactivateMFADeviceCommandOutput extends __MetadataBearer {
 /**
  * <p>Deactivates the specified MFA device and removes it from association with the user
  *             name for which it was originally enabled.</p>
- *         <p>For more information about creating and working with virtual MFA devices, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html">Enabling a virtual
+ *          <p>For more information about creating and working with virtual MFA devices, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html">Enabling a virtual
  *                 multi-factor authentication (MFA) device</a> in the
  *                 <i>IAM User Guide</i>.</p>
  * @example

package/dist-types/commands/DeleteAccessKeyCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface DeleteAccessKeyCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Deletes the access key pair associated with the specified IAM user.</p>
- *         <p>If you do not specify a user name, IAM determines the user name implicitly based on
+ *          <p>If you do not specify a user name, IAM determines the user name implicitly based on
  *             the Amazon Web Services access key ID signing the request. This operation works for access keys under
  *             the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root
  *             user credentials even if the Amazon Web Services account has no associated users.</p>

package/dist-types/commands/DeleteGroupPolicyCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface DeleteGroupPolicyCommandOutput extends __MetadataBearer {
 /**
  * <p>Deletes the specified inline policy that is embedded in the specified IAM
  *             group.</p>
- *         <p>A group can also have managed policies attached to it. To detach a managed policy from
+ *          <p>A group can also have managed policies attached to it. To detach a managed policy from
  *             a group, use <a>DetachGroupPolicy</a>. For more information about policies,
  *             refer to <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
  *                 policies</a> in the <i>IAM User Guide</i>.</p>

package/dist-types/commands/DeleteInstanceProfileCommand.d.ts CHANGED Viewed

@@ -10,13 +10,13 @@ export interface DeleteInstanceProfileCommandOutput extends __MetadataBearer {
 /**
  * <p>Deletes the specified instance profile. The instance profile must not have an
  *             associated role.</p>
- *         <important>
+ *          <important>
  *             <p>Make sure that you do not have any Amazon EC2 instances running with the instance
  *                 profile you are about to delete. Deleting a role or instance profile that is
  *                 associated with a running instance will break any applications running on the
  *                 instance.</p>
- *         </important>
- *         <p>For more information about instance profiles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html">About instance
+ *          </important>
+ *          <p>For more information about instance profiles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html">About instance
  *             profiles</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/DeleteLoginProfileCommand.d.ts CHANGED Viewed

@@ -10,17 +10,17 @@ export interface DeleteLoginProfileCommandOutput extends __MetadataBearer {
 /**
  * <p>Deletes the password for the specified IAM user, For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_admin-change-user.html">Managing
  *                 passwords for IAM users</a>.</p>
- *         <p>You can use the CLI, the Amazon Web Services API, or the <b>Users</b>
+ *          <p>You can use the CLI, the Amazon Web Services API, or the <b>Users</b>
  *             page in the IAM console to delete a password for any IAM user. You can use <a>ChangePassword</a> to update, but not delete, your own password in the
  *                 <b>My Security Credentials</b> page in the
  *             Amazon Web Services Management Console.</p>
- *         <important>
+ *          <important>
  *             <p>Deleting a user's password does not prevent a user from accessing Amazon Web Services through
  *                 the command line interface or the API. To prevent all user access, you must also
  *                 either make any access keys inactive or delete them. For more information about
  *                 making keys inactive or deleting them, see <a>UpdateAccessKey</a> and
  *                     <a>DeleteAccessKey</a>.</p>
- *         </important>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeleteOpenIDConnectProviderCommand.d.ts CHANGED Viewed

@@ -9,10 +9,10 @@ export interface DeleteOpenIDConnectProviderCommandOutput extends __MetadataBear
 }
 /**
  * <p>Deletes an OpenID Connect identity provider (IdP) resource object in IAM.</p>
- *         <p>Deleting an IAM OIDC provider resource does not update any roles that reference the
+ *          <p>Deleting an IAM OIDC provider resource does not update any roles that reference the
  *             provider as a principal in their trust policies. Any attempt to assume a role that
  *             references a deleted provider fails.</p>
- *         <p>This operation is idempotent; it does not fail or return an error if you call the
+ *          <p>This operation is idempotent; it does not fail or return an error if you call the
  *             operation for a provider that does not exist.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/DeletePolicyCommand.d.ts CHANGED Viewed

@@ -9,29 +9,29 @@ export interface DeletePolicyCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Deletes the specified managed policy.</p>
- *         <p>Before you can delete a managed policy, you must first detach the policy from all
+ *          <p>Before you can delete a managed policy, you must first detach the policy from all
  *             users, groups, and roles that it is attached to. In addition, you must delete all the
  *             policy's versions. The following steps describe the process for deleting a managed
  *             policy:</p>
- *         <ul>
+ *          <ul>
  *             <li>
- *                 <p>Detach the policy from all users, groups, and roles that the policy is
+ *                <p>Detach the policy from all users, groups, and roles that the policy is
  *                     attached to, using <a>DetachUserPolicy</a>, <a>DetachGroupPolicy</a>, or <a>DetachRolePolicy</a>. To
  *                     list all the users, groups, and roles that a policy is attached to, use <a>ListEntitiesForPolicy</a>.</p>
  *             </li>
  *             <li>
- *                 <p>Delete all versions of the policy using <a>DeletePolicyVersion</a>.
+ *                <p>Delete all versions of the policy using <a>DeletePolicyVersion</a>.
  *                     To list the policy's versions, use <a>ListPolicyVersions</a>. You
  *                     cannot use <a>DeletePolicyVersion</a> to delete the version that is
  *                     marked as the default version. You delete the policy's default version in the
  *                     next step of the process.</p>
  *             </li>
  *             <li>
- *                 <p>Delete the policy (this automatically deletes the policy's default version)
+ *                <p>Delete the policy (this automatically deletes the policy's default version)
  *                     using this operation.</p>
  *             </li>
  *          </ul>
- *         <p>For information about managed policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
+ *          <p>For information about managed policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
  *                 policies</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/DeletePolicyVersionCommand.d.ts CHANGED Viewed

@@ -9,10 +9,10 @@ export interface DeletePolicyVersionCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Deletes the specified version from the specified managed policy.</p>
- *         <p>You cannot delete the default version from a policy using this operation. To delete
+ *          <p>You cannot delete the default version from a policy using this operation. To delete
  *             the default version from a policy, use <a>DeletePolicy</a>. To find out which
  *             version of a policy is marked as the default version, use <a>ListPolicyVersions</a>.</p>
- *         <p>For information about versions for managed policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html">Versioning for managed
+ *          <p>For information about versions for managed policies, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html">Versioning for managed
  *                 policies</a> in the <i>IAM User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/DeleteRoleCommand.d.ts CHANGED Viewed

@@ -8,13 +8,30 @@ export interface DeleteRoleCommandInput extends DeleteRoleRequest {
 export interface DeleteRoleCommandOutput extends __MetadataBearer {
 }
 /**
- * <p>Deletes the specified role. The role must not have any policies attached. For more
- *             information about roles, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html">Working with roles</a>.</p>
- *         <important>
+ * <p>Deletes the specified role. Unlike the Amazon Web Services Management Console, when you delete a role
+ *             programmatically, you must delete the items attached to the role manually, or the
+ *             deletion fails. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html#roles-managingrole-deleting-cli">Deleting an IAM role</a>. Before attempting to delete a role, remove the
+ *             following attached items: </p>
+ *          <ul>
+ *             <li>
+ *                <p>Inline policies (<a>DeleteRolePolicy</a>)</p>
+ *             </li>
+ *             <li>
+ *                <p>Attached managed policies (<a>DetachRolePolicy</a>)</p>
+ *             </li>
+ *             <li>
+ *                <p>Instance profile (<a>RemoveRoleFromInstanceProfile</a>)</p>
+ *             </li>
+ *             <li>
+ *                <p>Optional – Delete instance profile after detaching from role for
+ *                     resource clean up (<a>DeleteInstanceProfile</a>)</p>
+ *             </li>
+ *          </ul>
+ *          <important>
  *             <p>Make sure that you do not have any Amazon EC2 instances running with the role you
  *                 are about to delete. Deleting a role or instance profile that is associated with a
  *                 running instance will break any applications running on the instance.</p>
- *         </important>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeleteRolePermissionsBoundaryCommand.d.ts CHANGED Viewed

@@ -9,11 +9,11 @@ export interface DeleteRolePermissionsBoundaryCommandOutput extends __MetadataBe
 }
 /**
  * <p>Deletes the permissions boundary for the specified IAM role. </p>
- *         <important>
+ *          <important>
  *             <p>Deleting the permissions boundary for a role might increase its permissions. For
  *                 example, it might allow anyone who assumes the role to perform all the actions
  *                 granted in its permissions policies. </p>
- *         </important>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeleteRolePolicyCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface DeleteRolePolicyCommandOutput extends __MetadataBearer {
 /**
  * <p>Deletes the specified inline policy that is embedded in the specified IAM
  *             role.</p>
- *         <p>A role can also have managed policies attached to it. To detach a managed policy from
+ *          <p>A role can also have managed policies attached to it. To detach a managed policy from
  *             a role, use <a>DetachRolePolicy</a>. For more information about policies,
  *             refer to <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html">Managed policies and inline
  *                 policies</a> in the <i>IAM User Guide</i>.</p>

package/dist-types/commands/DeleteSAMLProviderCommand.d.ts CHANGED Viewed

@@ -9,12 +9,12 @@ export interface DeleteSAMLProviderCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Deletes a SAML provider resource in IAM.</p>
- *         <p>Deleting the provider resource from IAM does not update any roles that reference the
+ *          <p>Deleting the provider resource from IAM does not update any roles that reference the
  *             SAML provider resource's ARN as a principal in their trust policies. Any attempt to
  *             assume a role that references a non-existent provider resource ARN fails.</p>
- *         <note>
+ *          <note>
  *             <p> This operation requires <a href="https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Signature Version 4</a>.</p>
- *         </note>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeleteSSHPublicKeyCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface DeleteSSHPublicKeyCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Deletes the specified SSH public key.</p>
- *         <p>The SSH public key deleted by this operation is used only for authenticating the
+ *          <p>The SSH public key deleted by this operation is used only for authenticating the
  *             associated IAM user to an CodeCommit repository. For more information about using SSH keys
  *             to authenticate to an CodeCommit repository, see <a href="https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html">Set up CodeCommit for
  *                 SSH connections</a> in the <i>CodeCommit User Guide</i>.</p>

package/dist-types/commands/DeleteServerCertificateCommand.d.ts CHANGED Viewed

@@ -9,11 +9,11 @@ export interface DeleteServerCertificateCommandOutput extends __MetadataBearer {
 }
 /**
  * <p>Deletes the specified server certificate.</p>
- *         <p>For more information about working with server certificates, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html">Working
+ *          <p>For more information about working with server certificates, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html">Working
  *                 with server certificates</a> in the <i>IAM User Guide</i>. This
  *             topic also includes a list of Amazon Web Services services that can use the server certificates that
  *             you manage with IAM.</p>
- *         <important>
+ *          <important>
  *             <p> If you are using a server certificate with Elastic Load Balancing, deleting the
  *                 certificate could have implications for your application. If Elastic Load Balancing
  *                 doesn't detect the deletion of bound certificates, it may continue to use the
@@ -22,7 +22,7 @@ export interface DeleteServerCertificateCommandOutput extends __MetadataBearer {
  *                 Balancing before using this command to delete the certificate. For more information,
  *                 see <a href="https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html">DeleteLoadBalancerListeners</a> in the <i>Elastic Load Balancing API
  *                     Reference</i>.</p>
- *         </important>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript